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DETAILED ACTION 

1 . Applicant's arguments filed April 3, 2006, have been fully considered. 

2. Claims 46-51 are pending and have been examined. Claims 1-45 and 52-58 
have been cancelled. 

Response to Amendment 

3. Applicant's arguments with respect to claims 46-51 have been considered but are 
moot in view of the new ground(s) of rejection. 

Continued Examination Under 37 CFR 1.114 

4. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. 

Claim Rejections - 35 USC § 103 

5. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

6. Claims are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Fletcher et al. (US Patent 7,010,681, hereinafter Fletcher). 

Regarding claim 46, Fletcher teaches a data processor for receiving and 
processing data to which information for tampering detection is added (column 2, lines 
30-67), said data processor comprising: a receiver operable to receive data which 
includes an authentication information region for including the tampering detection 
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information, a protected data region for including data to be subjected to tampering 
detection, and an unprotected data region for including data that is not to be subjected 
to tampering detection (column 3, lines 40-67, column 4, lines 1-37); a protected data 
authentication unit operable to detect, for the data, which is included in the protected 
data region and received by said receiver, whether the data included in the protected 
data region has been tampered with by using the tampering detection information 
included in the authentication information region (column 4, lines 38-67, column 5, lines 
1-67); and an unprotected data authentication unit operable to determine the data 
included in the unprotected data region as being valid when a data type of the data, 
which is included in the unprotected data region and received by said receiver (column 
5, lines 1-67). Fletcher does not use a list to list by type the data included in the 
unprotected data region. However, Fletcher teaches labeling the data to provide 
security services and already lists the data by data type. Therefore, it would have been 
obvious to one having ordinary skill in the art at the time the invention was made to 
provide a list of the data included in the unprotected data region. One of ordinary skill in 
the art would have been motivated do so to help provide data integrity services. 

Regarding claim 48, Fletcher teaches a data processor structured by a 
transmitting data processor and a receiving data processor (column 2, lines 30-67), said 
transmitting data processor being operable to transfer, to said receiving data processor, 
data to which information for tampering detection is added (column 3, lines 40-67, 
column 4, lines 1-37), wherein said transmitting data processor comprises: a data 
generation unit operable to generate data to be transmitted by arranging data to be 
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subjected to tampering detection, the data that is not to be subjected to tampering 
detection in an unprotected data region, and the tampering detection information 
derived based on the data in the protected data region in an authentication information 
region (column 3, lines 40-67, column 4, lines 1-37); and a transmitter operable to 
transmit the data generated by said data generation unit (column 6, lines 1-50); and 
wherein said receiving data processor comprises: a receiver operable to receive the 
data transmitted from said transmitting data processor; a protected data authentication 
unit operable to detect, for the data, which is included in the protected data region and 
received by said receiver, whether the data in the protected data region has been 
tampered by using the tampering detection information in the authentication information 
region (column 4, lines 38-67, column 5, lines 1-67); and an unprotected data 
authentication unit operable to determine the data included in the unprotected data 
region as being valid when a data type of the data, which is included in the unprotected 
data region and received by said receiver (column 5, lines 1-67). Fletcher does not use 
a list to list by type the data included in the unprotected data region. However, Fletcher 
teaches labeling the data to provide security services and already lists the data by data 
type. Therefore, it would have been obvious to one having ordinary skill in the art at the 
time the invention was made to provide a list of the data included in the unprotected 
data region. One of ordinary skill in the art would have been motivated do so to help 
provide data integrity services. 

Regarding claim 50, Fletcher teaches a data processing method for receiving 
and processing data to which information for tampering detection is added (column 2, 
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lines 30-67), said method comprising: receiving data which includes an authentication 
information region for including the tampering detection information, a protected data 
region for including data to be subjected to tampering detection (column 3, lines 40-67, 
column 4, lines 1-37), and an unprotected data region for including data that is not to be 
subjected to tampering detection (column 3, lines 40-67, column 4, lines 1-37); 
detecting, for the data, which is included in the protected data region and received in 
said receiving of the data, whether the data included in the protected data region has 
been tampered with by using the tampering detection information included in the 
authentication information region (column 4, lines 38-67, column 5, lines 1-67); and 
determining the data included in the unprotected data region as being valid when a data 
type of the data, which is included in the unprotected data region and received in said 
receiving of the data (column 4, lines 38-67, column 5, lines 1-67). Fletcher does not 
use a list to list by type the data included in the unprotected data region. However, 
Fletcher teaches labeling the data to provide security services and already lists the data 
by data type. Therefore, it would have been obvious to one having ordinary skill in the 
art at the time the invention was made to provide a list of the data included in the 
unprotected data region. One of ordinary skill in the art would have been motivated do 
so to help provide data integrity services. 

Regarding claim 51, Fletcher teaches a data processing method for transferring 
data, to which information for tampering detection is added, from a transmitting data 
processor to a receiving data processor (column 2, lines 30-67), wherein: in the 
transmitting data processor, said method comprises generating data to be transmitted 
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by arranging data to be subjected to tampering detection in a protected data region, the 
data that is not to be subjected to tampering detection in an unprotected data region, 
and the tampering detection information derived based on the data in the protected data 
region in an authentication information region (column 3, lines 40-67, column 4, lines 1- 
37), and transmitting the data generated in said generating of the data to be transmitted 
(column 6, lines 1-50); and in the receiving data processor, said method comprises 
receiving the data transmitted from the transmitting data processor (column 6, lines 1- 
50), detecting, for the data, which is included in the protected data region and received 
in said receiving of the data, whether the data in the protected data region has been 
tampered with by using the tampering detection information in the authentication 
information region (column 4, lines 38-67, column 5, lines 1-67), and determining the 
data included in the unprotected data region as being valid when a data type of the 
data, which is included in the unprotected data region and received in said receiving of 
the data (column 5, lines 1-67). Fletcher does not use a list to list by type the data 
included in the unprotected data region. However, Fletcher teaches labeling the data to 
provide security services and already lists the data by data type. Therefore, it would 
have been obvious to one having ordinary skill in the art at the time the invention was 
made to provide a list of the data included in the unprotected data region. One of 
ordinary skill in the art would have been motivated do so to help provide data integrity 
services. 

Regarding claims 47 and 49, Fletcher teaches the data received / generated by 
said receiver / data generation unit is hypertext data (fig 1-2, column 3, lines 40-67, 
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column 4, lines 1-37). Fletcher does not expressly teach the unprotection list lists, by 
type, a tag included in the unprotected data region but includes such tags (fig 1-2, 
column 3, lines 40-67, column 4, lines 1-37). 

Conclusion 

7. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Cofta (US Patent Application Publication 2001/0016042) 
discloses loading program modules in a terminal using digital signatures and encryption. 
Shear (US Patent 6,157,721) discloses a verifying authority digitally signs a load 
module or other executable with several different digital signatures and/or signature 
schemes, a protected processing environment or other secure execution space may 
require a load module or other executable to present multiple digital signatures before 
accepting it. An attacker would have to "break" each (all) of the several digital 
signatures and/or signature schemes to create an unauthorized load module or other 
executable that would be accepted by the protected processing environment or other 
secure execution space. Different protected processing environments (secure execution 
spaces) might examine different subsets of the multiple digital signatures-so that 
compromising one protected processing environment (secure execution space) will not 
compromise all of them. As an optimization, a protected processing environment or 
other secure execution space might verify only one of the several digital signatures (for 
example, chosen at random each time an executable is used)-thereby speeding up the 
digital signature verification while still maintaining a high degree of security (column 6, 
lines 1-67, column 7, lines 1-67). Atkinson (US Patent Number 5,892,904) discloses a 
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certification or signing method that ensures the authenticity and integrity of a computer 
program. 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David G. Cervetti whose telephone number is (571) 272- 
5861. The examiner can normally be reached on Monday-Friday 7:00 am - 5:00 pm, off 
on Wednesday. 

9. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on (571) 272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 



10. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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